1. Field of the Invention
The present invention relates generally to retrieving policy information, and more specifically to obtaining policy information based on a plurality of authentication modules.
2. Description of the Related Art
Networked devices such as multifunction peripherals (MFPs) are normally shared among multiple users. Authorized users of these network devices have specific login credentials for gaining access to these devices. By supplying an appropriate login credential to an authentication module, a user may gain access to the device. With the increasing functionalities supported by these devices (e.g., copying, scanning, printing, address book), an owner of the network device may desire to create device restrictions and access privileges to prevent unauthorized users from using device resource or accessing confidential information. For example, an owner of a networked copier may want to restrict access to the corporate address book to a group of authorized users. In another scenario, an owner may set up access privileges that limit a first user to make only grayscale copies while allowing a second user to make both grayscale and color copies.
Policy restrictions provide access control to resources on a device. The policy restrictions of device resources are typically associated with a login credential supplied to an authentication module. Therefore, by authenticating with the authentication module, the applications running on the device will be able to limit the access and functionality provided to the authenticated user based on the policy information associated with the login credentials. The policy restriction is typically in a format of an access control list (ACL). An ACL is a table that includes information regarding access rights that each user has to a particular resource, such as device restriction, address book, file directory or individual files, etc.
Many client applications today can be accessed through one or more authentication modules. Generally, each authentication module is associated with an ACL that contains policy restrictions for the authentication module. In a case in which the client application supports a plurality of authentication modules, the owner often has to create a separate ACL for each of the authentication module. Thus, it becomes a challenging task to maintain and manage policy information from these separate ACLs.